User Management

To access the support applications in SAP for Me, visitors need a S-User ID and in most cases, special permissions. For security reasons, SAP customers administer their users and support-related authorizations themselves:

  • A customer's administrator can request any number of S-user IDs.
  • Once an S-user ID has been generated, the administrator can assign the required authorizations to it, thereby granting access to support applications.
  • To prevent unauthorized access, administrators are also responsible for deleting IDs of users that have left the company or no longer need access to SAP for Me.

All these tasks are carried out in the User Management application(opens in new tab), which:

  • Gives you complete visibility of all users in your company, including active, requested and recently deleted users.
  • Allows you to request an unlimited number of additional S-user IDs and check their generation status.
  • Lets you find users by name, customer name, or department, but also more complex criteria like their authorization profile.
  • Allows you to run reports to identify all users with a particular authorization profile.
  • Enables you to inspect user details, including authorizations and special roles, edit one or multiple users, or assign them to departments.
  • Allows you to edit contact details, job title, department association and authorizations, in many cases for multiple users.
  • Lets you define authorization packages, which can then be assigned to users.
  • Allows you to delete an S-user ID.

Required Authorization

Contact a super or cloud administrator in your company.

Edit User Data

  • Additionally, authorization Edit Authorizations to perform special tasks within the application, see below.
Useful links

Procedure

To start the application, go to Users & Contacts → Overview tab → Manage Users and Authorizations card. The card shows this at-a-glance info:

  • Total users – S-user IDs that can be used to enter SAP for Me (including those that were recently created, but have not logged on to SAP for Me yet);
  • Recently created – Sub-set of Requested users: Requested S-user IDs that were recently generated but have not logged on to SAP for Me yet.
  • Action Required – Lists all Users and Authorizations related actions required.

Application Overview

The application interface features eight sub-sections that can be accessed using tabs. The figures on the tabs indicate the number of items in the respective sub-section.

  • Users – This section lists all S-users that can enter SAP for Me (including those IDs that were recently generated, but have not logged on to SAP for Me yet). Default sorting order is by create date with the most recently generated S-user ID at the top.
  • Requested Users – This section lists requested users including those that were recently generated, but have not logged on to SAP for Me yet. Default sorting order is by Requested On date with the most recently requested S-user ID at the top.
  • Deleted Users – This section lists S-user IDs that were deleted within the last 12 months as well as those where deletion is in process. Default sorting order is by Deleted On date with the most recently deleted S-user ID at the top.
  • Important Contacts – This section lists selected people in your company (not necessarily S-users) who hold an important function.
    For instance, they are super or cloud administrators, software recipients etc., often serving as point of contact for SAP concerning a particular topic. Default sorting order is by function, then S-user ID, installation, customer, and Customer CoE number.
  • Reports and Updates – With the help of powerful selection criteria, this section lets you identify all users that share certain authorizations. You can then mass update their authorizations. More ...
  • Auth. Packages (Authorization Packages) – This section lists sets of authorizations defined by you and other user administrators. The feature allows you to comfortably grant complex authorization profiles to multiple users in your organization that, for instance, work in the same department on the same tasks. More ...
  • Tech. Comm. Users (Technical Communication Users) – This section offers the tools to administer technical communication users (formerly called Support Hub users), which are created for technical purposes only. These IDs are required for system-to-system connections between your landscape and the SAP Support backbone. You cannot use them to log on to SAP websites, e.g. SAP for Me, SAP Store or SAP Community. More ...
  • Action Required – All self-service request are collected under the Action Required tab. This includes requests regarding authorizations and extensions of an S-user's expiry date. The KPI indicates the number of open requests.

Main Controls

  • Upon launching the application, the tab Users is preselected.
  • The headline indicates the number of items in the current sub-section.
  • The respective users are listed below the tab strip in a table that can be customized. Clicking an item (other than the user's e-mail address or Delete) in the list launches the User Details page for that user where you can change contact details or, if you have the authorization Edit Authorizations, administer the user's support authorizations.
  • The list of users can be downloaded to a local file, listed items can be narrowed to those that you are interested in, and the table layout can be customized.
  • More rows progressively get loaded when you scroll down the list. Alternatively, click Show All to load all list items at once.
  • Use the checkbox in the header row or checkboxes in front of rows to select all or individual list items.
  • Use the buttons in the footer toolbar to:
  • Use Request User to request a new S-user ID.
  • Click Delete in the table's Actions column to delete an individual S-user ID. Note that this feature is offered only for S-user IDs without special functions that prevent them from being deleted. More ... If the Actions column is not shown, click the "Settings" icon above the list to add it to the table view.
  • Note that while you are using this application, in SAP for Me's central search the repository Users is preselected allowing you to find a particular user by last name, first name, S-user ID, e-mail address, or country.

Customizing the list of users

  • Above the list of users, icons and in the Requested Users, Deleted Users, and Important Contacts sub-sections a Filter text input field offer the following functionality:
  • Use Show All to load the complete list of users in this section (rather than load it progressively by scrolling down the list).
  • Use Download to download the list of users to a local CSV (comma-separated value) file.
    Note:  This file only contains the items in the current list.
  • Use the Filter to narrow the list of items to those that you are interested in.
  • Adjust the table layout using Sort and Column Settings. More ...
  • Enter a text string in the Filter input field to narrow the list to those items that contain this string in one of the (visible as well as hidden) table columns.

Filtering the List

Filters can be applied for displaying only the data that interest you, for example the users in a particular department.
  1. Click Filter.
    The Filter dialog is displayed.
  2. Select a filter criterion, for instance Department. The Filter By: Department dialog is displayed.
  3. Use the checkboxes to select those departments that list items shall be displayed for.
  4. If desired, return to the Filter dialog and repeat step 2 to narrow the list even further.
  5. Confirm with OK (or revert with Cancel).
  6. The headline above the list reflects the number of users matching all filter criteria.
  7. To reset the filter, click the message strip or the Filter, then click Clear All Filters in the Filter By dialog.

Customizing the Table Layout

You can specify which table columns shall be displayed as well as their sorting order.
  1. Click the "Settings" icon. The Define Column Properties dialog is displayed.
  2. Use the checkboxes to select those columns that shall be displayed.
  3. If required, use the Search text input field to find a particular column.
  4. Mark a column (e.g. Last Login), then use the "Move to Top", "Move Up", "Move Down" or "Move to Bottom" icons to move it to a particular position, thus change the column sorting order.
  5. Confirm with OK (or abort with Cancel).

Overview of All Action Required Items

The Action Required section lists all self-service requests that S-users have submitted for approval: to have their ID extended close to the end of its lifetime, or to get more authorizations assigned.

There are three types of request statuses – Awaiting ApprovalApproved, and Rejected.

Upon entering the section, the list is filtered by requests in status Awaiting approval. To show the full history of already approved and rejected requests, simply remove this filter or use the filter bar to specify other selection criteria.

In the table of all requests, the column Type of Request categorizes the requests by topic, and Processed By indicates which administrator in your organization processed the respective request.

By clicking Download, the result list can be downloaded as a CSV file.

Click an authorization request to proceed to the Authorization Request page. A tab strip provides access to page sub-sections that contain contact details (including the reason for request) and authorization details. You can now easily approve or reject the request by clicking the respective buttons in the footer action bar.

If required, you can set the authorization level for the newly granted permission.

Process an expiry date request by selecting it from the list in the Action Required section. This brings you to the Manage Expiry Date page with its two sub-sections about contact details (including the reason for the request) and the option to manage the expiry date. To set a new expiry date, enter it manually or specify it using the date picker icon, then click Approve in the footer action bar. Alternatively, click Reject to dismiss the request.

Requesting New S-User IDs

  1. On the application's overview screen, select one of the sections UsersRequested UsersDeleted Users, or Important Contacts.
  2. Click Request User
  3. If your company has several SAP customer numbers, select the one that the new ID shall be associated with.

    Important:  Once the S-user ID has been requested, this association cannot be changed.

  4. Specify the user's salutation, first name, last name, and e-mail address.
  5. Select the user's preferred language from the list.
    It becomes the user's default language upon their first visit to SAP for Me.
  6. If wanted, assign the user to a department. To do so, either click the icon in the Department field to select an existing department from the list or use the keyboard to enter the name of a new department.
  7. If desired, assign the new user a set of authorizations by applying an authorization package.
  8. Click Submit to start the user generation process or Cancel to abort the request.

It can take up to 24 hours for it to be generated. The new user will receive an e-mail with an activation link, which is valid for 10 days.

User administrators can track the progress of the request under the Requested Users tab where the Status column initially shows In Process and, once the ID has been created, Successful.

Once the new S-user ID has been generated, it will also be listed under the Users tab.

Working with S-users

Administrators with the authorization Edit User Data can change basic properties of their company's (or Customer CoE's) S-user IDs: Telephone numbers, e-mail addresses, job titles, department associations. In addition, this authorization lets them request and delete S-user IDs.

If you have the authorization Edit Authorizations, you can also grant other S-users special permissions for support applications.

Viewing and Changing Basic User Properties

On the application's overview screen, click a list item in the sections Users, Requested Users, or Important Contacts to enter the User Details page for that user.

The header shows the user's ID, name, history, and company association.

A tab strip provides access to page sub-sections that contain contact details, a summary of the user's authorization profile as well as important functions, and information about a linked SAP Universal ID:

  • Authorizations are required to fulfill certain tasks using applications in the SAP for Me website, for instance, report incidents, download software, or check software orders.
  • People holding an important function serve as point of contact for SAP concerning a particular topic. For a comprehensive overview about important functions see the document About the user, authorization and administrator concept.
  • Universal ID (UID) is SAP's new single user login mechanism. With SAP Universal ID, you can log in once to gain access to all your authorized SAP platforms, including SAP for Me and its support applications if you link your S-user ID to your UID.

Notes

  • An S-user ID cannot be reassigned to a different customer number. If required, you have to request a new S-user ID that is associated with that customer number and delete the previous one.
  • If your name is spelled incorrectly, first and last name data are transposed in the wrong fields, or your name changed for legal reasons (e.g. marital status change, gender change, etc.), you can request name changes by reporting an incident(opens in new tab) under component XX-SER-SAPSMP-USR. Note that the S-user ID has to be associated with the same person as before the name change, see KBA 2597456(opens in new tab).
  • For company address changes, please contact your contracts department(opens in new tab).
Procedure
  1. Click Edit Contact Details to enter the edit mode for the Contact Details section.
  2. Select or enter the respective values for the user's salutation, preferred language, job title, phone numbers and e-mail address.

    Note: If the user has activated SMS text notifications about important SAP for Me alerts, by default these are sent to phone 2. Unless the Phone 2 field is empty, in which case notifications are sent to phone 1.

  3. Assign the user to a department. To do so, either click the icon in the Department field to select an existing department from the list or use the keyboard to enter the name of a new department.

    To remove the user from a department, select the first list option, NONE.

  4. Click Save to save your changes or Cancel to disregard them.
Managing Departments

Users can be assigned to departments defined by you and other user administrators in your company. You can filter lists of users or run reports based on this criterion.

Assigning users to or removing them from a department

You can assign one individual user to or remove him from a department by entering the User Details page and changing the basic settings, see above. Alternatively, or to simultaneously change the department assignment for multiple users, proceed as follows:

  1. Enter the Users section of the application.
  2. Select the user(s) from the list by ticking the checkbox(es).
  3. Click Manage Department button in the footer toolbar of the application. The Manage Departments popover is displayed.
  4. Check the users checkboxes to assign them to an existing department.
    In long lists, use the search to find the option that you are after.
  5. Click Add to assign users to a new department that is not listed, enter a department name, and add it to the list by clicking Save.
  6. To remove the users from their departments, select the first option, NONE.
  7. Confirm with Close.

The department information is updated in the users' information immediately.

Deleting a Department

You can remove departments from the list of options in the Manage Departments dialog.

Note: All users who are assigned to that department will get unassigned.

To delete a department:

  1. Select any user from the Users list.
    The Manage Departments button in the footer toolbar is activated.
  2. Click Manage Departments so that the Manage Departments popover is displayed.
  3. Click Edit.
    Beside every department name, a Delete icon is shown.
  4. Click Delete next to the department that you want to remove from the list.
  5. In the warning popover, confirm by clicking OK or Cancel to abort the deletion.
Deleting S-user IDs

For your own security, regularly delete inactive S-user IDs and S-user IDs of people who have left your company to prevent unauthorized access to company data and keep your user data up-to-date.

S-users with special functions (such as software recipient or technical contact person for an installation) cannot be deleted. This is only possible once SAP has transferred the function to somebody else. To do this, report an incident(opens in new tab) using component XX-SER-SAPSMP-USR and nominate a contact person who is to assume the role of the S-user to be deleted. It is, of course, also possible to request changes to contact person roles without deleting an S-user.

To delete one individual S-user ID:

  1. On the application's Overview screen enter the Users section.
  2. Scroll or filter to find the S-user ID that you want to delete. Click Delete icon in the Action column. (If this column is not shown, customize the table layout and add it to the view.)

Alternatively, or to delete multiple S-user IDs:

  1. On the application's Overview screen enter the Users section.
  2. Select all S-user IDs to be deleted.
  3. Click Delete button in the footer toolbar.
  4. Confirm by clicking OK or abort with Cancel.

Deleted S-user IDs are listed in the Deleted Users section of the application for twelve months and cannot be reactivated (see KBA 1811859).

When an S-user ID is deleted, the following are not affected:

  • The S-user's reported incidents are not lost and can still be accessed using the incident search.
  • The S-user's issued service reports are retained and can be accessed via the service report search function.
  • The S-user's requested license keys or systems are not lost.
  • The S-user's requested migration keys and developer and object keys (SSCR keys) are not lost and can be displayed using the global overviews.

Working with Authorizations

Authorization management deals with permissions that are required to fulfill certain tasks using applications in the SAP for Me website, for instance, report incidents, download software, or check software orders. Most authorizations contain not only the user's right to perform a specific task, but also the level at which the user can exercise this right.

Example – A user may be allowed to report incidents for one particular SAP product that your company has licensed (represented by "installation"), but not for others.

An important principle is the following:

Rule of Authorization Inheritance  Administrators can only grant those authorizations that they have been granted themselves.

 

There are several ways to maintain an S-user's authorization profile:

Assigning, amending, or removing individual authorizations

In the application's UsersRequested Users, or Important Contacts sections click a row in the list to enter the User Details page for that user.

  1. The table in the page section Existing Authorizations lists authorizations that were already assigned to the user, the type of levels they have been granted on (InstallationCustomerCustomer CoE, i.e. Customer Center of Expertise), as well as the level IDs and names. If an authorization was granted by applying an authorization package, this is reflected by an entry in the Authorization Package column.
  2. To add, change or remove authorizations, select Authorizations in the header's tab strip or scroll to the Authorizations section. A grayed-out list of all available authorizations is shown. Ticked checkboxes indicate which authorizations were already granted in the past.
  3. Click the "Edit Authorizations" pencil icon on the right to enter the edit mode.
  4. Using the checkboxes beside the authorizations, it is possible to assign or remove authorizations.
  5. As soon as a checkbox is selected, the information about the authorization level changes to "Granted for all customers and installations" (or "Granted for all customers") indicating that the permission has been granted at the highest level.

    There are two options to grant authorizations on a more granular level, for example enable the user to report incidents for one installation only.
    • Option 1 – An authorization shall be granted on the exact same combination of customer numbers and installations as another authorization that the user already got in the past. In this case, proceed as follows:
  6. Click Copy Levels for the authorization that the user already has. Select Authorizations dialog is displayed. Select the new authorization and confirm with OK
    • Option 2 – An authorization shall be granted on a different, not yet used combination of customer numbers and installations:
  7. Click the authorization that you are about to grant. The Maintain Authorization Levels page is displayed.
  8. To restrict the authorization to selected customer numbers click Modify Customer Authorization. The Select: Customer(s) dialog is displayed.
  9. Using the checkboxes, select the customer numbers from the list that the authorization shall be granted to.
  10. In long lists, use the search or advanced search to find a particular customer number: Enter the search term and click Go.
  11. The Selected Items section lists all chosen customer numbers. You can remove individual or all items by clicking the respective Remove.
  12. Once all customer numbers have been selected, confirm with OK (or abort with Cancel). The dialog window closes and customer numbers that the authorization has been granted for will be listed in the section Authorization Restricted to Listed Customers of the Maintain Authorization Levels page.
    If required, repeat these steps for installations.
    Note: If you (unnecessarily) select installations that belong to a customer number that was already selected in the previous steps, these entries will disappear when you save.
  13. Click Back to return to the User Details page.
  14. Click Save Authorizations to save your changes or Cancel to disregard them.

Copying Authorization profiles

You can copy an existing authorization profile from one user (source user) to one or multiple other users (target users) so that they share the exact same authorizations on the same levels.

Notes:

  • Authorizations that the target user previously possessed will be overwritten and potentially get lost, unless the source user has this authorization as well.
  • The Rule of Authorization Inheritance still applies if authorizations are granted by copying authorization profiles: If the source user has got an authorization that the administrator does not possess, this authorization will not be copied over to the target user.

To copy authorizations from a source user to one or multiple target users:

  1. In the application's Users, Requested Users, or Important Contacts sections click the row about the Source User.
    The User Details page for the user is shown.
  2. Click Copy User's Authorizations in the footer toolbar. The Select Users popover is displayed.
  3. Scroll through the list of users (or use the search) and select all target users by ticking the corresponding checkboxes.
  4. Click OK to confirm (or Cancel to abandon the change).

Defining and assigning authorization packages

Authorization packages are bundles of authorizations that you can flexibly define and then grant to one or multiple users in your company. This is helpful if several users need the same authorization profile, for instance because they work on the same tasks.

Note that the Rule of Authorization Inheritance applies: Only those authorizations contained in a package are granted to the user, which the person who applies the package possesses themselves.

Overview of the Authorization Packages section and basic features

Entering the Authorization Packages sub-section requires the authorization Edit Authorizations. A table lists all packages that the logged-on user administrator is entitled to assign to colleagues.

  1. The headline indicates the number of items in the list.
  2. The list can be sorted or downloaded to your computer as a comma-separated value (CSV) file. Furthermore, you can enter a filter term to narrow the list down to authorization packages with a name matching this string.
  3. A padlock icon indicates protected authorization packages. Only super administrators can change them. User administrators can still assign these packages to users.
  4. If you are a super administrator, as soon as one or multiple authorization packages have been selected, the Protect button becomes active. Click it to protect the selected authorization packages, thus prevent others from changing them.

    Revert the protection by clicking Unprotect.

  5. When you click the Report button, the list of all users in the selected packages is shown in a popover window. Using the Download function, you can save the list to a CSV file on your computer.
  6. By clicking Overview, the list of authorizations and levels that make up the selected authorization package is shown in a popover window. Using Download, you can save the list to a CSV file on your computer. Multi-selection of packages is not supported.
  7. Click Delete to delete all selected authorization packages. They will no longer be assigned to any users.
  8. Click Rename to give the selected authorization package a different name. Multi-selection is not supported.
  9. Click Assign User(s) button to enter the Select: Assign User(s) dialog. The list of all users you are entitled to administer is shown. Scroll through the list or use the search feature to find specific users. Tick the checkbox and click OK to grant them all authorizations that are contained in the package.
  10. Click Create to define a new authorization package.

Defining authorization packages

Creating a new authorization package is done in two steps: First, a new item is added to the list of all packages. Second, the new package's authorizations are defined.

  1. To create a new authorization package, click Create in the footer toolbar.
    The Create Authorization Package dialog is shown.
  2. Enter a Name for the package.
  3. If you are a super administrator, you can protect it by ticking the Protected checkbox.
  4. Click Save (or Close to abort).
    The new package is immediately shown in the overview list of all authorization packages.

Adding authorizations to the new package or removing or changing authorizations for an existing package, is done in a similar way to maintaining individual authorizations for a user:

  1. In the overview list of all authorization packages click a row to enter the details page for that package.
  2. To add more (or change or remove existing) authorizations, select Authorizations in the header's tab strip.
    A grayed-out list of all available authorizations is shown. Ticked checkboxes indicate authorizations that are included in the package.
  3. Click the Edit Authorizations to enter the Edit mode.
  4. Using the checkboxes beside the authorizations, it is possible to add authorizations to the package or remove them.
  5. As soon as a checkbox is selected, the information about the authorization level changes to Granted for all customers and installations or Granted for all customers indicating that the permission will be granted at the highest level when the package is applied.

    There are two options to associate an authorization with a more granular level.
    • Option 1 – An authorization shall be granted on the exact same combination of customer numbers and installations as another authorization. In this case:
  6. Click Copy Levels for the already defined authorization. The Select Authorizations dialog is displayed. Select the new authorization and confirm with OK.
    • Option 2 – An authorization shall be associated with a different, not yet used combination of customer numbers and installations:
  7. Click the authorization that you want to tweak.
    The Maintain Authorization Levels page is displayed.
  8. To restrict the authorization to selected customer numbers click Modify Customer Authorization.
    The Select: Customer(s) dialog is displayed.
  9. Using the checkboxes, select the customer numbers from the list that the authorization to be granted.
  10. In long lists, use the search or advanced search to find a particular customer number: Enter the search term and click Go.
  11. The Selected Items section lists these chosen customer numbers, and you can easily remove individual or all items by clicking Remove.
  12. Once all customer numbers have been selected, confirm with OK (or abort with Cancel). The dialog window will be closed and customer numbers that the authorization will be granted on will be listed in the section Authorization Restricted to Listed Customers of the Maintain Authorization Levels page.
  13. If required, repeat these steps for installations.

    Note: If you (unnecessarily) select installations that belong to a customer number that was already selected in the previous steps, these entries will disappear when you save.

  14. Click Back to return to the details page.
  15. Click Save Authorizations to save your changes or Cancel to disregard them.

All changes are immediately reflected in the Overview section of the package's details page. It lists authorizations that are contained in the package, the type of levels they have been granted on (Installation, Customer, Customer CoE, i.e. Customer Center of Expertise), as well as the level IDs and names.

Assigning or Removing Authorization Packages

There are several ways to assign authorization packages to users. However, only the first one is suitable to remove packages from a user's authorization profile.

Option 1 — Use if you want to assigning multiple packages to one user (or remove packages from the user's authorization profile):

  1. On the application's overview screen, click a list item in the sections Users, Requested Users, or Important Contacts. The User Details page for that user is shown.
  2. Scroll down to the section Existing Authorization Packages.
  3. Click Edit Authorizations.
    The Assign Authorization Packages overlay is shown.
  4. Select the packages that you want to assign to the user or deselect the ones that you want to remove from the user's authorization profile.
  5. Confirm with OK.

Option 2 — Use if you want to assign multiple packages to multiple users:

  1. From the application's overview screen, enter the section Users.
  2. Use the checkboxes to select all users that you want to assign the packages to.
  3. Click Assign Authorization Packages in the footer toolbar.
    The Assign Authorization Packages overlay is shown.

    Note: The list of packages does not indicate packages that have previously been assigned to the users.

  4. Select the packages that you want to assign to the users by ticking the respective checkboxes. In long lists, you can also use the search.
  5. Confirm with OK.

Option 3 — Use if you want to assign multiple packages to multiple users:

  1. From the application's overview screen, enter the Authorization Packages section.
  2. Use the checkboxes to select all packages that you want to assign to users.
  3. Click Assign User(s) in the footer toolbar.
    The Select: Assign User(s) overlay is shown.
  4. Select the users that you want to assign the packages to by ticking the respective checkboxes. In long lists, you can also use the search.
  5. Confirm with OK.

Mass Updates of Authorizations

To change the authorization profiles of multiple S-users at the same time, there are three options:

Reports and Mass updates

With the help of powerful selection criteria, the section Reports and Updates lets you identify all users that share certain authorizations or compare permissions of different users. If required, you can then update their authorizations simultaneously.

Overview of the interface

  1. On the application's overview screen select Reports and Updates from the tab strip.
  2. Use the filter bar to specify your selection criteria. For many criteria, multi-selection is supported. See below for an explanation of the various options.
  3. Click Go to retrieve all results that match the selection criteria.
    The result list shows all combinations of users, authorizations and authorization levels that match your filter criteria. Hence multiple rows in the list can correspond to one user. Clicking an item in the list launches the User Details page for that user.
  4. Click Download to download the result list to a local CSV (comma-separated value) file.
  5. Click Sort to sort the list by any column.
  6. Click Settings to select the columns that shall be displayed in the result list and specify their sorting order (see section "Customizing the table layout").
  7. Click Clear to reset all filters to the system default.
  8. When working with a view, i.e. queries that you have saved for re-use, the Restore link resets all filters to the view's filter settings.
  9. The Filters link gives access to the filter dialog. Here, all filters are arranged in a vertical layout. You can specify filter criteria, choose which filters shall be displayed, and save filter criteria for future re-use.
  10. The View Selector allows you to switch between your favorite views, i.e. queries that you have saved before, and manage them.
    When you modify filter criteria, an asterisk (*) next to its name indicates that the view has been changed.
  11. Click Add Authorization in the footer toolbar to enhance the authorization profile of all users in the result list and Delete Authorizations to restrict it.

Explanation of the various selection criteria

Each item in the result list is a data set consisting of the following:

  • an S-user ID (and corresponding user name, company, department, and e-mail address);
  • an authorization;
  • the level this authorization has been granted on, specified through either a Customer CoE number and name, a customer number and name, or an installation number and name;
  • the name of an authorization package if above mentioned authorization and level have been granted to the user by applying the package.

Note that, depending on the number of granted authorizations and granularity of authorization levels, one user can be listed multiple times in the list!

To retrieve a particular set of such items, the following criteria are offered:

  • User ID — This filter is best suited to get an overview about users' complete authorization profiles. Enter one or multiple S-user IDs — auto-completion lets you choose from a list of matching items — or click the icon in the User ID field to enter the Select: User(s) dialog, where you can comfortably scroll through a list of all your users or conduct a search.

    Multiple S-user IDs are logically connected by OR, i.e. all items are retrieved that contain at least one of the specified IDs.

  • Department — The result shall only feature items where the S-user ID is assigned to one of the specified departments.
  • Authorizations — The result shall feature items where the authorization matches one of those specified by you.

The three filters:

  1. Customer
  2. Installations
  3. Users

refer to authorization levels. If you select a value in any of them, all users will be listed where an authorization has been granted on one of the specified customer numbers, installation numbers, or S-user IDs.

  • Authorization Package — The result list will show items where authorizations have been granted to the user by applying one of the specified packages.
  • Selection — If you have specified values in several of the above filters, this filter determines how these filters are logically connected: Select Match ALL Filter Criteria if the result shall list items where the S-user ID matches one of those IDs specified by you, AND the department matches one of those specified by you, AND the authorization matches one of those you specified etc.

    Select Match AT LEAST ONE Filter Criterion if you want to link the filters through a logical OR. The result list will then feature all items that contain any of the values that you selected in one of the filters.

    Note: Within one filter the specified values are always logically connected by OR.

Examples

  1. Identify all users that may close and confirm incidents (on any level, regardless if this is the whole Customer CoE or just one installation). Your filter criteria:
    • Authorizations – Select the value Close Incidents.
  2. Identify all users that may close incidents for two specific installations. Your filter criteria:
    • Authorizations – Select the value Close Incidents.
    • Installations – Enter the two installation numbers or click the icon in the Installations field, then select them from the list that will be shown.
    • Selection – Choose Match ALL Filter Criteria.

    Note: The result list will also feature items where the Close Incidents authorization was granted on the higher-level customer numbers (or Customer CoE) that your installations are linked to.

  3. Identify all users that have got the permission to report incidents for one of your customer numbers because a specific authorization package has been applied. Your filter criteria:
    • Authorizations – Select the values Report an Incident and Send Incidents to SAP (which includes the permission to report incidents)
    • Customer – Enter the customer number or click the icon in the Customer field, then select it from the list that will be shown.
    • Authorization Package – Enter its name or click the icon in the field, then select it from the list that will be shown.
    • Selection – Choose Match ALL Filter Criteria.

Working with saved filter settings ("views")

If you run the same reports on a regular basis, you can save filter settings for future re-use as so-called "views".

Saving Views

  1. Use the filter bar to specify your selection criteria.

    An asterisk (*) next to the view's name will indicate that the current view has been modified but not saved.

  2. Click the view selector.
  3. Click the Save button if you want to overwrite the current view's selection criteria.

Note: The default view Standard cannot be modified, hence the Save button is grayed out and only Save As is offered to store your filter settings.

Alternatively:

  1. Click the Save As button if you want to store a new view. The Save View dialog is displayed.
  2. Specify a meaningful name for your search query.
  3. Tick Set as Default if this view shall be pre-selected the next time you launch the application. (Note that you will still have to click the Go button to retrieve results.)
  4. Confirm with OK (or revert with Cancel).

Changing or deleting views

To change the selection criteria of a particular view, proceed as follows:

  1. Select the view from the view selector. The filter bar shows this view's selection criteria.
  2. Adjust the selection criteria.
  3. Click the view selector, then click the Save button to overwrite the previous filter settings with the new ones.

To change the name or behavior of a view, do the following:

  1. Click the view selector icon.
  2. Click the Manage button. The Manage Views dialog will be displayed. It lists all saved views.
    • To change a view, you have the following options:
  3. Change the name of a view.
  4. Select the view that is preselected upon entering the Reports and Updates section by clicking its Default radio button.
  5. Remove a view from those frequently used ones that are listed under the view selector, by clicking the "Remove from Favorites" icon.
  6. You can also delete a view by clicking the "Delete View" icon next to it.
  7. Confirm your changes with OK (or revert with Cancel).

Customizing the Filter Bar

You can hide selection criteria that are not relevant to you. You can then add this setting to an existing view.

  1. Create a view or select one from the view selector, then click Filters.
  2. Alternatively, first click Filters. Then, in the Filters dialog, choose a view from the view selector.The selected view's filter criteria will be shown.
  3. Tick the Show on Filter Bar checkboxes for those filter criteria that shall be offered in the filter bar.
  4. Click Save to store these settings. Other actions are:
    • Click Go to retrieve all items matching your filter criteria.
    • Click Clear to remove all filter criteria.
    • Click Restore to revert changes that you have made.
    • Click Cancel to leave the dialog without saving any changes.

Mass updates

You can enhance or restrict the authorization profile of all users in a result list. Proceed as follows:

  1. Run a report to identify all users that match your selection criteria.
  2. To grant additional authorizations, click the Add Authorizations button in the footer toolbar. The Add Authorizations popover is shown.
  3. Using the checkboxes, select the authorizations that you want to add to the users' profiles. The information about the authorization level changes to "Granted for all customers and installations" (or "Granted for all customers") indicating that the permission has been granted at the highest level.
  4. To grant an authorization on a more granular level (e.g. for an installation only), click that authorization. The popover now shows the levels the authorization has been granted for.
  5. To restrict the authorization to selected customer numbers click the "Modify Customer Authorization" icon. The Select: Customer(s) dialog is displayed.
  6. Using the checkboxes, select the customer numbers from the list that the authorization shall be granted on.

    In long lists, use the search or advanced search to find a particular customer number: Enter the search term and click Go.

  7. Once all customer numbers have been selected, confirm with OK (or abort with Cancel). The dialog window will be closed, and you will return to the overview of levels the authorization has been granted on.
  8. If required, repeat these steps for installations.
  9. Click the "Back" icon in the upper-left corner to return to the list of all authorizations.
  10. If required, repeat these steps for other authorizations that you want to add to the users' authorization profiles.
  11. Finally click Save to save all changes (or Cancel to abort).

Click Delete Authorizations and proceed in a similar way if you want to restrict the users' authorizations. Also see the section Assigning, amending, or removing individual authorizations.

Technical communication users

For information on technical communication users (formerly called Support Hub users) please see this page, Technical Communication User.